Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] Disable IPv4 and Use IPv6 Network Only for Docker Networks and Containers #11830

Closed
fti-akumari opened this issue May 17, 2024 · 1 comment

Comments

@fti-akumari
Copy link

fti-akumari commented May 17, 2024

Description

I would like to know if it is possible to configure Docker to disable IPv4 completely and use only IPv6 networks for all Docker networks and containers. Currently, Docker supports both IPv4 and IPv6, but I am looking for a way to enforce IPv6-only networking.

My current configuration file (daemon.json) is :

{
"bip": "172.128.0.1/16",
"default-address-pools": [
{ "base": "172.128.0.1/9", "size": 16 },
{ "base": "fdd0:df31:dff5::1/104", "size": 112 }
],
"ipv6": true,
"experimental": true,
"ip6tables": true,
"fixed-cidr-v6": "fdd0:df31:dff5:beef::/64",
"dns": ["172.128.0.1", "fdd0:df31:dff5::1"]
}

Questions:-

  • Is there a configuration setting or a specific method to disable IPv4 entirely for Docker networks and containers?
  • What are the steps to set up Docker to operate exclusively on IPv6 networks?

Expected Behaviour:-
Docker networks and containers should operate exclusively over IPv6 without any IPv4 addressing.

Actual Behaviour:-
Docker networks and containers currently use both IPv4 and IPv6.

Steps To Reproduce

After adding this configuration for only ipv6 network enabled

{
"default-address-pools": [
{ "base": "fdd0:df31:dff5::1/104", "size": 112 }
],
"ipv6": true,
"experimental": true,
"ip6tables": true,
"fixed-cidr-v6": "fdd0:df31:dff5:beef::/64",
"dns": ["fdd0:df31:dff5::1"]
}

I am getting this error
Screenshot from 2024-05-20 12-43-00

Compose Version

Client: Docker Engine - Community
 Version:           26.0.0
 API version:       1.45
 Go version:        go1.21.8
 Git commit:        2ae903e
 Built:             Wed Mar 20 15:18:01 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          26.0.0
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.8
  Git commit:       8b79278
  Built:            Wed Mar 20 15:18:01 2024
  OS/Arch:          linux/amd64
  Experimental:     true
 containerd:
  Version:          1.6.28
  GitCommit:        ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Docker Environment

Client: Docker Engine - Community
 Version:    26.0.0
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.14.0
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.26.1
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 41
  Running: 41
  Paused: 0
  Stopped: 0
 Images: 79
 Server Version: 26.0.0
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: journald
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.5.0-0.deb12.4-amd64
 Operating System: Debian GNU/Linux 12 (bookworm)
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 15.27GiB
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: true
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
 Default Address Pools:
   Base: 172.128.0.1/9, Size: 16
   Base: fdd0:df31:dff5::1/104, Size: 112

Anything else?

No response

@ndeloof
Copy link
Contributor

ndeloof commented May 21, 2024

If feasible, this would be a network driver option, to be set in your networks declaration

AFAIK the default network driver allows to enable ipv6 but not to disable ipv4 (https://docs.docker.com/config/daemon/ipv6/#create-an-ipv6-network)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants